lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20030502005631.GA8596@linux-ag.de>
Date: Fri, 2 May 2003 02:56:31 +0200
From: Karl-Heinz Haag <k.haag@...ux-ag.com>
To: bugtraq@...urityfocus.com
Subject: Re: OpenSSH/PAM timing attack allows remote users identification

Quoting Marco Ivaldi (raptor@...iaservice.net):

> Security Advisory 					@ Mediaservice.net Srl
> (#01, 30/04/2003)					Data Security Division
> 
>          Title:	OpenSSH/PAM timing attack allows remote users identification
>    Application:	OpenSSH-portable <= 3.6.1p1
>       Platform:	Linux, maybe others
>    Description:	A remote attacker can identify valid users on vulnerable
> 		systems, all PAM-enabled systems are potentially affected
>         Author:	Marco Ivaldi <raptor@...iaservice.net>
>   Contributors: Maurizio Agazzini <inode@...iaservice.net>,
> 		Solar Designer <solar@...nwall.com>,
> 		Andrea Ghirardini <pila@...asecurity.com>
>  Vendor Status: OpenSSH team notified on 12/04/2003,
> 		vendor-sec list notified on 28/04/2003
>  CVE Candidate: The Common Vulnerabilities and Exposures project has assigned
> 		the name CAN-2003-0190 to this issue.
>     References: http://lab.mediaservice.net/advisory/2003-01-openssh.txt
> 		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0190
> 
> 1. Abstract.
> 
> During a pen-test we stumbled across a nasty bug in OpenSSH-portable with PAM
> support enabled (via the --with-pam configure script switch). This bug allows a 
> remote attacker to identify valid users on vulnerable systems, through a simple
> timing attack. The vulnerability is easy to exploit and may have high severity,
> if combined with poor password policies and other security problems that allow 
> local privilege escalation.
> 
> 2. Example Attack Session.
> 
> root@...doo:~# ssh [valid_user]@lab.mediaservice.net
> [valid_user]@lab.mediaservice.net's password:	<- arbitrary (non-null) string
> [2 secs delay]
> Permission denied, please try again.
> 
> root@...doo:~# ssh [no_such_user]@lab.mediaservice.net
> [no_such_user]@lab.mediaservice.net's password:	<- arbitrary (non-null) string
> [no delay]
> Permission denied, please try again.
> 
> 4. Fix.


The "Fix" is to encourage all users/admins of OpenSSH to _only_ work 
with key authentication (preferable only ssh2 protocol) on all ssh servers. 


Switch the default: 
PasswordAuthentication yes

Into: 
PasswordAuthentication no

in sshd_config

In combination with the default "RSAAuthentication yes" it results in: 

,--------
| 	kh@i4x:~$ ssh dodo@i4x		<-dodo=no_such_user
| 	[no delay]
| 	Permission denied (publickey).
`--------

The same as: 
,--------
| 	kh@i4x:~$ ssh root@i4x
| 	[no delay]
| 	Permission denied (publickey).
`--------

That would be my 2Cent. 

Karl-Heinz

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ